diff --git a/flake.lock b/flake.lock index 27fb0db..030b074 100644 --- a/flake.lock +++ b/flake.lock @@ -23,11 +23,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1695052866, - "narHash": "sha256-agn7F9Oww4oU6nPiw+YiYI9Xb4vOOE73w8PAoBRP4AA=", + "lastModified": 1702378423, + "narHash": "sha256-tuJ8NWjaH/OuZSZukS6T+suia7E1QIPXW2nzkuUCCNA=", "owner": "serokell", "repo": "deploy-rs", - "rev": "e3f41832680801d0ee9e2ed33eb63af398b090e9", + "rev": "2ccd5d9939d41ac797c3ce769a689fdbc76fdebb", "type": "github" }, "original": { @@ -73,11 +73,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1696777017, - "narHash": "sha256-yCqwecHKXGXjAlS5JrtVO2EAkFCYWqvLF+ER0WebZ6g=", + "lastModified": 1701473318, + "narHash": "sha256-QdCJN8GeNl/V8wMjrvNkrWzNXnahgfjBfCSya4qQdrc=", "owner": "reckenrode", "repo": "nix-foundryvtt", - "rev": "9b880a901139a65bebb72d359425d45c7f5224b2", + "rev": "f624c0ceabe13dd876ecff871e0dc7f55f96e993", "type": "github" }, "original": { @@ -134,11 +134,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1694908564, - "narHash": "sha256-ducA98AuWWJu5oUElIzN24Q22WlO8bOfixGzBgzYdVc=", + "lastModified": 1702148972, + "narHash": "sha256-h2jODFP6n+ABrUWcGRSVPRFfLOkM9TJ2pO+h+9JcaL0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "596611941a74be176b98aeba9328aa9d01b8b322", + "rev": "b8f33c044e51de6dde3ad80a9676945e0e4e3227", "type": "github" }, "original": { @@ -150,11 +150,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1695830400, - "narHash": "sha256-gToZXQVr0G/1WriO83olnqrLSHF2Jb8BPcmCt497ro0=", + "lastModified": 1702312524, + "narHash": "sha256-gkZJRDBUCpTPBvQk25G0B7vfbpEYM5s5OZqghkjZsnE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "8a86b98f0ba1c405358f1b71ff8b5e1d317f5db2", + "rev": "a9bf124c46ef298113270b1f84a164865987a91c", "type": "github" }, "original": { @@ -166,32 +166,32 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1694304580, - "narHash": "sha256-5tIpNodDpEKT8mM/F5zCzWEAnidOg8eb1/x3SRaaBLs=", + "lastModified": 1701389149, + "narHash": "sha256-rU1suTIEd5DGCaAXKW6yHoCfR1mnYjOXQFOaH7M23js=", "owner": "nixos", "repo": "nixpkgs", - "rev": "4c8cf44c5b9481a4f093f1df3b8b7ba997a7c760", + "rev": "5de0b32be6e85dc1a9404c75131316e4ffbc634c", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-23.05", + "ref": "nixos-23.11", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_3": { "locked": { - "lastModified": 1695825837, - "narHash": "sha256-4Ne11kNRnQsmSJCRSSNkFRSnHC4Y5gPDBIQGjjPfJiU=", + "lastModified": 1702233072, + "narHash": "sha256-H5G2wgbim2Ku6G6w+NSaQaauv6B6DlPhY9fMvArKqRo=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5cfafa12d57374f48bcc36fda3274ada276cf69e", + "rev": "781e2a9797ecf0f146e81425c822dca69fe4a348", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-23.05", + "ref": "nixos-23.11", "repo": "nixpkgs", "type": "github" } @@ -253,11 +253,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1695284550, - "narHash": "sha256-z9fz/wz9qo9XePEvdduf+sBNeoI9QG8NJKl5ssA8Xl4=", + "lastModified": 1702177193, + "narHash": "sha256-J2409SyXROoUHYXVy9h4Pj0VU8ReLuy/mzBc9iK4DBg=", "owner": "Mic92", "repo": "sops-nix", - "rev": "2f375ed8702b0d8ee2430885059d5e7975e38f78", + "rev": "d806e546f96c88cd9f7d91c1c19ebc99ba6277d9", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 44a843d..dc114c1 100644 --- a/flake.nix +++ b/flake.nix @@ -1,6 +1,6 @@ { inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; sops-nix.url = "github:Mic92/sops-nix"; sops-nix.inputs.nixpkgs.follows = "nixpkgs"; @@ -31,7 +31,7 @@ buildInputs = with pkgs-unstable; [ nixpkgs-fmt - terraform + opentofu terraform-ls sops deploy-rs.packages."x86_64-linux".deploy-rs diff --git a/hardware/hcloud.nix b/hardware/hcloud.nix index add384d..16e68cf 100644 --- a/hardware/hcloud.nix +++ b/hardware/hcloud.nix @@ -13,6 +13,7 @@ networking.firewall.allowPing = true; networking.usePredictableInterfaceNames = false; + networking.useDHCP = false; networking.dhcpcd.enable = false; systemd.network = { diff --git a/hardware/hetzner-dedicated-storage1.nix b/hardware/hetzner-dedicated-storage1.nix index ce83f93..5ab1895 100644 --- a/hardware/hetzner-dedicated-storage1.nix +++ b/hardware/hetzner-dedicated-storage1.nix @@ -1,14 +1,13 @@ { modulesPath, config, lib, pkgs, ... }: { - imports = - [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; boot.initrd.availableKernelModules = [ "ahci" "sd_mod" ]; boot.initrd.kernelModules = [ "dm-snapshot" ]; - boot.initrd.services.swraid.mdadmConf = config.environment.etc."mdadm.conf".text; + boot.swraid.mdadmConf = '' + HOMEHOST + ''; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; boot.loader.systemd-boot.enable = false; @@ -18,46 +17,36 @@ devices = [ "/dev/sda" "/dev/sdb" "/dev/sdc" "/dev/sdd" ]; }; - fileSystems."/" = - { - device = "/dev/disk/by-uuid/e5c27021-ce34-4680-ba6f-233070cb944f"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/e5c27021-ce34-4680-ba6f-233070cb944f"; + fsType = "ext4"; + }; swapDevices = [ ]; time.timeZone = "Europe/Amsterdam"; - environment.etc."mdadm.conf".text = '' - HOMEHOST - ''; - nix.settings.max-jobs = lib.mkDefault 8; powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; networking = { useDHCP = false; defaultGateway = "78.46.96.225"; - defaultGateway6 = { address = "fe80::1"; interface = "enp2s0"; }; - nameservers = [ - "213.133.100.100" - "213.133.99.99" - "213.133.98.98" - ]; + defaultGateway6 = { + address = "fe80::1"; + interface = "enp2s0"; + }; + nameservers = [ "213.133.100.100" "213.133.99.99" "213.133.98.98" ]; interfaces = { enp2s0 = { - ipv4.addresses = [ - { - address = "78.46.96.243"; - prefixLength = 24; - } - ]; - ipv6.addresses = [ - { - address = "2a01:4f8:120:8233::1"; - prefixLength = 64; - } - ]; + ipv4.addresses = [{ + address = "78.46.96.243"; + prefixLength = 24; + }]; + ipv6.addresses = [{ + address = "2a01:4f8:120:8233::1"; + prefixLength = 64; + }]; }; vlan4001 = { mtu = 1400; @@ -74,8 +63,10 @@ }; }; }; - vlans.vlan4001 = { id = 4001; interface = "enp2s0"; }; + vlans.vlan4001 = { + id = 4001; + interface = "enp2s0"; + }; }; - } diff --git a/modules/nextcloud.nix b/modules/nextcloud.nix index 9b72a7c..4b34b8d 100644 --- a/modules/nextcloud.nix +++ b/modules/nextcloud.nix @@ -57,7 +57,6 @@ in { package = pkgs.nextcloud27; hostName = "cloud.${config.networking.domain}"; https = true; - enableBrokenCiphersForSSE = false; maxUploadSize = "1G"; config = { dbtype = "pgsql"; diff --git a/profiles/backend.nix b/profiles/backend.nix index 8aa9a5d..e53462e 100644 --- a/profiles/backend.nix +++ b/profiles/backend.nix @@ -69,7 +69,7 @@ services.murmur.enable = true; - services.mastodon.enable = true; + services.mastodon.enable = false; }; services.uptime-kuma = {